OpenAI Rolls Out ChatGPT Lockdown Mode To Protect Against Prompt Injection Attacks

OpenAI has begun rolling out a new Lockdown Mode feature for ChatGPT users to protect against prompt injection attacks that can expose sensitive data.

“OpenAI has begun rolling out Lockdown Mode, an additional security setting designed to provide enhanced user protection against prompt injection attacks”

dev.ua

The feature is designed to limit many tools and capabilities in OpenAI products that can connect to the web or external services, and it is aimed at people and organizations that handle sensitive data.

dev.ua

When Lockdown Mode is enabled, live web browsing is disabled and web access is limited to cached content, while searching and displaying images from the internet, as well as Deep Research and Agent Mode functions, are temporarily suspended.

OpenAI also says Lockdown Mode is not intended for everyone, and it may not completely secure ChatGPT because malicious commands stored in cached content or uploaded files could affect the accuracy of responses.

OpenAI’s Lockdown Mode disables live web browsing beyond cached content, image support for displaying images in regular responses or retrieving images from the web, and Deep research and Agent mode.

The setting also blocks Canvas networking by preventing users from approving Canvas-generated code to access the network, and it disables file downloads that would otherwise allow downloading files for data analysis.

DiarioBitcoin

OpenAI frames the goal as harm reduction rather than a guarantee, saying it is designed to substantially reduce the risk of prompt injection-based data exfiltration but does not guarantee that data exfiltration cannot happen.

In addition, OpenAI says risk may remain through enabled Apps, unforeseen combinations of capabilities, or newly discovered techniques, and it notes that a malicious instruction hidden in an uploaded file could still affect ChatGPT’s behavior and cause an incorrect answer.

Alongside Lockdown Mode, OpenAI has introduced an active session management tool that lets users view devices and web browsers currently or previously signed into their ChatGPT account.

“OpenAI rolls out a Lockdown Mode for extra protection against prompt injection attacks The company says most users don't need to use the feature”

Engadget

From that interface, users can sign out of a specific session or log out of all active sessions simultaneously, and OpenAI says the account-wide logout may take up to 30 minutes to complete across all devices.

OpenAI also advises that if users suspect unauthorized account activity, they should change their password if they use one, review their sign-in methods, and contact OpenAI Support.

The rollout is positioned as optional and targeted, with OpenAI saying Lockdown Mode is designed for people and organizations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection.